enhance: コンテンツ削除を制限されていてもアカウントの閉鎖ができるように (MisskeyIO#532)

This commit is contained in:
まっちゃとーにゅ 2024-03-18 13:09:13 +09:00 committed by GitHub
parent 2564fc7346
commit 075ec2d7df
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
33 changed files with 390 additions and 403 deletions

View file

@ -1691,6 +1691,7 @@ _role:
canCreateContent: "Can create contents"
canUpdateContent: "Can edit contents"
canDeleteContent: "Can delete contents"
canPurgeAccount: "Can delete account completely"
canUpdateAvatar: "Can change avatar"
canUpdateBanner: "Can change banner"
mentionMax: "Maximum number of mentions in a note"

4
locales/index.d.ts vendored
View file

@ -6594,6 +6594,10 @@ export interface Locale extends ILocale {
*
*/
"canDeleteContent": string;
/**
*
*/
"canPurgeAccount": string;
/**
*
*/

View file

@ -1706,6 +1706,7 @@ _role:
canCreateContent: "コンテンツの作成"
canUpdateContent: "コンテンツの編集"
canDeleteContent: "コンテンツの削除"
canPurgeAccount: "完全なアカウントの削除"
canUpdateAvatar: "アイコンの変更"
canUpdateBanner: "バナーの変更"
mentionMax: "ノート内の最大メンション数"

View file

@ -1674,6 +1674,7 @@ _role:
canCreateContent: "컨텐츠 생성 허용"
canUpdateContent: "컨텐츠 수정 허용"
canDeleteContent: "컨텐츠 삭제 허용"
canPurgeAccount: "완전한 계정 삭제 허용"
canUpdateAvatar: "아바타 변경 허용"
canUpdateBanner: "배너 변경 허용"
canInvite: "서버 초대 코드 발행"

View file

@ -4,38 +4,47 @@
*/
import { Inject, Injectable } from '@nestjs/common';
import { bindThis } from '@/decorators.js';
import { DI } from '@/di-symbols.js';
import type Logger from '@/logger.js';
import type { UsersRepository } from '@/models/_.js';
import type { MiUser } from '@/models/User.js';
import { RoleService } from '@/core/RoleService.js';
import { QueueService } from '@/core/QueueService.js';
import { UserSuspendService } from '@/core/UserSuspendService.js';
import { DI } from '@/di-symbols.js';
import { bindThis } from '@/decorators.js';
import { GlobalEventService } from '@/core/GlobalEventService.js';
import { LoggerService } from '@/core/LoggerService.js';
@Injectable()
export class DeleteAccountService {
public logger: Logger;
constructor(
@Inject(DI.usersRepository)
private usersRepository: UsersRepository,
private userSuspendService: UserSuspendService,
private roleService: RoleService,
private queueService: QueueService,
private userSuspendService: UserSuspendService,
private globalEventService: GlobalEventService,
private loggerService: LoggerService,
) {
this.logger = this.loggerService.getLogger('delete-account');
}
@bindThis
public async deleteAccount(user: {
id: string;
host: string | null;
}): Promise<void> {
public async deleteAccount(user: MiUser, soft: boolean, me: MiUser | null): Promise<void> {
this.logger.warn(`Delete account requested by ${me ? me.id : 'remote'} for ${user.id} (soft: ${soft})`);
const _user = await this.usersRepository.findOneByOrFail({ id: user.id });
if (_user.isRoot) throw new Error('cannot delete a root account');
// 物理削除する前にDelete activityを送信する
await this.userSuspendService.doPostSuspend(user).catch(e => {});
await this.userSuspendService.doPostSuspend(user).catch(err => this.logger.error(err));
this.queueService.createDeleteAccountJob(user, {
soft: false,
force: me ? await this.roleService.isModerator(me) : false,
soft: soft,
});
await this.usersRepository.update(user.id, {
@ -44,4 +53,16 @@ export class DeleteAccountService {
this.globalEventService.publishInternalEvent('userChangeDeletedState', { id: user.id, isDeleted: true });
}
@bindThis
public async deleteAllDriveFiles(user: MiUser, me: MiUser | null): Promise<void> {
this.logger.warn(`Delete all drive files requested by ${me ? me.id : 'remote'} for ${user.id}`);
await this.usersRepository.findOneByOrFail({ id: user.id });
this.queueService.createDeleteAccountJob(user, {
force: me ? await this.roleService.isModerator(me) : false,
onlyFiles: true,
});
}
}

View file

@ -352,10 +352,12 @@ export class QueueService {
}
@bindThis
public createDeleteAccountJob(user: ThinUser, opts: { soft?: boolean; } = {}) {
public createDeleteAccountJob(user: ThinUser, opts: { soft?: boolean, force?: boolean, onlyFiles?: boolean } = {}) {
return this.dbQueue.add('deleteAccount', {
user: { id: user.id },
soft: opts.soft,
force: opts.force,
onlyFiles: opts.onlyFiles,
}, {
removeOnComplete: true,
removeOnFail: true,

View file

@ -40,6 +40,7 @@ export type RolePolicies = {
canCreateContent: boolean;
canUpdateContent: boolean;
canDeleteContent: boolean;
canPurgeAccount: boolean;
canUpdateAvatar: boolean;
canUpdateBanner: boolean;
mentionLimit: number;
@ -77,6 +78,7 @@ export const DEFAULT_POLICIES: RolePolicies = {
canCreateContent: true,
canUpdateContent: true,
canDeleteContent: true,
canPurgeAccount: true,
canUpdateAvatar: true,
canUpdateBanner: true,
mentionLimit: 20,
@ -353,6 +355,7 @@ export class RoleService implements OnApplicationShutdown, OnModuleInit {
canCreateContent: calc('canCreateContent', vs => vs.some(v => v === true)),
canUpdateContent: calc('canUpdateContent', vs => vs.some(v => v === true)),
canDeleteContent: calc('canDeleteContent', vs => vs.some(v => v === true)),
canPurgeAccount: calc('canPurgeAccount', vs => vs.some(v => v === true)),
canUpdateAvatar: calc('canUpdateAvatar', vs => vs.some(v => v === true)),
canUpdateBanner: calc('canUpdateBanner', vs => vs.some(v => v === true)),
mentionLimit: calc('mentionLimit', vs => Math.max(...vs)),

View file

@ -487,7 +487,8 @@ export class ApInboxService {
return 'skip: already deleted';
}
const job = await this.queueService.createDeleteAccountJob(actor);
// リモートから消されたということなので、物理削除する
const job = await this.queueService.createDeleteAccountJob(actor, { force: true, soft: false });
await this.usersRepository.update(actor.id, {
isDeleted: true,

View file

@ -179,6 +179,10 @@ export const packedRolePoliciesSchema = {
type: 'boolean',
optional: false, nullable: false,
},
canPurgeAccount: {
type: 'boolean',
optional: false, nullable: false,
},
canUpdateAvatar: {
type: 'boolean',
optional: false, nullable: false,

View file

@ -4,14 +4,15 @@
*/
import { Inject, Injectable } from '@nestjs/common';
import { DI } from '@/di-symbols.js';
import type { DriveFilesRepository, NotesRepository, UserProfilesRepository, UsersRepository } from '@/models/_.js';
import type Logger from '@/logger.js';
import { DriveService } from '@/core/DriveService.js';
import type { MiUser } from '@/models/User.js';
import { EmailService } from '@/core/EmailService.js';
import { bindThis } from '@/decorators.js';
import { DI } from '@/di-symbols.js';
import type Logger from '@/logger.js';
import type { DriveFilesRepository, NotesRepository, UserProfilesRepository, UsersRepository } from '@/models/_.js';
import type { MiUser } from '@/models/User.js';
import { DriveService } from '@/core/DriveService.js';
import { EmailService } from '@/core/EmailService.js';
import { SearchService } from '@/core/SearchService.js';
import { RoleService } from '@/core/RoleService.js';
import { QueueLoggerService } from '../QueueLoggerService.js';
import type * as Bull from 'bullmq';
import type { DbUserDeleteJobData } from '../types.js';
@ -35,8 +36,9 @@ export class DeleteAccountProcessorService {
private driveService: DriveService,
private emailService: EmailService,
private queueLoggerService: QueueLoggerService,
private searchService: SearchService,
private roleService: RoleService,
private queueLoggerService: QueueLoggerService,
) {
this.logger = this.queueLoggerService.logger.createSubLogger('delete-account');
}
@ -87,19 +89,32 @@ export class DeleteAccountProcessorService {
@bindThis
public async process(job: Bull.Job<DbUserDeleteJobData>): Promise<string | void> {
this.logger.info(`Deleting account of ${job.data.user.id} ...`);
this.logger.info(`Deleting account of ${job.data.user.id} ...`, { userDeleteJobData: job.data });
const user = await this.usersRepository.findOneBy({ id: job.data.user.id });
if (user == null) {
return;
}
const { canDeleteContent, canPurgeAccount } = !job.data.force
? await this.roleService.getUserPolicies(user.id)
: { canDeleteContent: true, canPurgeAccount: true };
if (job.data.onlyFiles) {
if (!canDeleteContent) return 'Permission denied';
await this.deleteFiles(user);
return 'Files deleted';
}
if (canDeleteContent) {
await Promise.all([
this.deleteNotes(user),
this.deleteFiles(user),
]);
}
{ // Send email notification
if (user.token) { // Send email notification
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
if (profile.email && profile.emailVerified) {
await this.emailService.sendEmail(profile.email, 'Account deleted',
@ -108,9 +123,13 @@ export class DeleteAccountProcessorService {
}
}
// soft指定されている場合は物理削除しない
if (job.data.soft) {
// nop
// 制限されている もしくは soft指定されている場合は物理削除しない、代わりに凍結削除フラグを立てる
if (!(canDeleteContent && canPurgeAccount) || job.data.soft) {
await this.usersRepository.update(user.id, {
token: null,
isSuspended: true,
isDeleted: true,
});
} else {
await this.usersRepository.delete(job.data.user.id);
}

View file

@ -79,6 +79,8 @@ export type DBExportAntennasData = {
export type DbUserDeleteJobData = {
user: ThinUser;
soft?: boolean;
force?: boolean;
onlyFiles?: boolean;
};
export type DbUserImportJobData = {

View file

@ -27,11 +27,11 @@ import * as ep___admin_avatarDecorations_create from './endpoints/admin/avatar-d
import * as ep___admin_avatarDecorations_delete from './endpoints/admin/avatar-decorations/delete.js';
import * as ep___admin_avatarDecorations_list from './endpoints/admin/avatar-decorations/list.js';
import * as ep___admin_avatarDecorations_update from './endpoints/admin/avatar-decorations/update.js';
import * as ep___admin_deleteAllFilesOfAUser from './endpoints/admin/delete-all-files-of-a-user.js';
import * as ep___admin_unsetUserAvatar from './endpoints/admin/unset-user-avatar.js';
import * as ep___admin_unsetUserBanner from './endpoints/admin/unset-user-banner.js';
import * as ep___admin_drive_cleanRemoteFiles from './endpoints/admin/drive/clean-remote-files.js';
import * as ep___admin_drive_cleanup from './endpoints/admin/drive/cleanup.js';
import * as ep___admin_drive_deleteAllFilesOfAUser from './endpoints/admin/drive/delete-all-files-of-a-user.js';
import * as ep___admin_drive_files from './endpoints/admin/drive/files.js';
import * as ep___admin_drive_showFile from './endpoints/admin/drive/show-file.js';
import * as ep___admin_emoji_addAliasesBulk from './endpoints/admin/emoji/add-aliases-bulk.js';
@ -79,7 +79,6 @@ import * as ep___admin_showUsers from './endpoints/admin/show-users.js';
import * as ep___admin_suspendUser from './endpoints/admin/suspend-user.js';
import * as ep___admin_unsuspendUser from './endpoints/admin/unsuspend-user.js';
import * as ep___admin_updateMeta from './endpoints/admin/update-meta.js';
import * as ep___admin_deleteAccount from './endpoints/admin/delete-account.js';
import * as ep___admin_updateUserNote from './endpoints/admin/update-user-note.js';
import * as ep___admin_roles_create from './endpoints/admin/roles/create.js';
import * as ep___admin_roles_delete from './endpoints/admin/roles/delete.js';
@ -413,11 +412,11 @@ const $admin_avatarDecorations_create: Provider = { provide: 'ep:admin/avatar-de
const $admin_avatarDecorations_delete: Provider = { provide: 'ep:admin/avatar-decorations/delete', useClass: ep___admin_avatarDecorations_delete.default };
const $admin_avatarDecorations_list: Provider = { provide: 'ep:admin/avatar-decorations/list', useClass: ep___admin_avatarDecorations_list.default };
const $admin_avatarDecorations_update: Provider = { provide: 'ep:admin/avatar-decorations/update', useClass: ep___admin_avatarDecorations_update.default };
const $admin_deleteAllFilesOfAUser: Provider = { provide: 'ep:admin/delete-all-files-of-a-user', useClass: ep___admin_deleteAllFilesOfAUser.default };
const $admin_unsetUserAvatar: Provider = { provide: 'ep:admin/unset-user-avatar', useClass: ep___admin_unsetUserAvatar.default };
const $admin_unsetUserBanner: Provider = { provide: 'ep:admin/unset-user-banner', useClass: ep___admin_unsetUserBanner.default };
const $admin_drive_cleanRemoteFiles: Provider = { provide: 'ep:admin/drive/clean-remote-files', useClass: ep___admin_drive_cleanRemoteFiles.default };
const $admin_drive_cleanup: Provider = { provide: 'ep:admin/drive/cleanup', useClass: ep___admin_drive_cleanup.default };
const $admin_drive_deleteAllFilesOfAUser: Provider = { provide: 'ep:admin/drive/delete-all-files-of-a-user', useClass: ep___admin_drive_deleteAllFilesOfAUser.default };
const $admin_drive_files: Provider = { provide: 'ep:admin/drive/files', useClass: ep___admin_drive_files.default };
const $admin_drive_showFile: Provider = { provide: 'ep:admin/drive/show-file', useClass: ep___admin_drive_showFile.default };
const $admin_emoji_addAliasesBulk: Provider = { provide: 'ep:admin/emoji/add-aliases-bulk', useClass: ep___admin_emoji_addAliasesBulk.default };
@ -465,7 +464,6 @@ const $admin_showUsers: Provider = { provide: 'ep:admin/show-users', useClass: e
const $admin_suspendUser: Provider = { provide: 'ep:admin/suspend-user', useClass: ep___admin_suspendUser.default };
const $admin_unsuspendUser: Provider = { provide: 'ep:admin/unsuspend-user', useClass: ep___admin_unsuspendUser.default };
const $admin_updateMeta: Provider = { provide: 'ep:admin/update-meta', useClass: ep___admin_updateMeta.default };
const $admin_deleteAccount: Provider = { provide: 'ep:admin/delete-account', useClass: ep___admin_deleteAccount.default };
const $admin_updateUserNote: Provider = { provide: 'ep:admin/update-user-note', useClass: ep___admin_updateUserNote.default };
const $admin_roles_create: Provider = { provide: 'ep:admin/roles/create', useClass: ep___admin_roles_create.default };
const $admin_roles_delete: Provider = { provide: 'ep:admin/roles/delete', useClass: ep___admin_roles_delete.default };
@ -803,11 +801,11 @@ const $reversi_verify: Provider = { provide: 'ep:reversi/verify', useClass: ep__
$admin_avatarDecorations_delete,
$admin_avatarDecorations_list,
$admin_avatarDecorations_update,
$admin_deleteAllFilesOfAUser,
$admin_unsetUserAvatar,
$admin_unsetUserBanner,
$admin_drive_cleanRemoteFiles,
$admin_drive_cleanup,
$admin_drive_deleteAllFilesOfAUser,
$admin_drive_files,
$admin_drive_showFile,
$admin_emoji_addAliasesBulk,
@ -855,7 +853,6 @@ const $reversi_verify: Provider = { provide: 'ep:reversi/verify', useClass: ep__
$admin_suspendUser,
$admin_unsuspendUser,
$admin_updateMeta,
$admin_deleteAccount,
$admin_updateUserNote,
$admin_roles_create,
$admin_roles_delete,
@ -1187,11 +1184,11 @@ const $reversi_verify: Provider = { provide: 'ep:reversi/verify', useClass: ep__
$admin_avatarDecorations_delete,
$admin_avatarDecorations_list,
$admin_avatarDecorations_update,
$admin_deleteAllFilesOfAUser,
$admin_unsetUserAvatar,
$admin_unsetUserBanner,
$admin_drive_cleanRemoteFiles,
$admin_drive_cleanup,
$admin_drive_deleteAllFilesOfAUser,
$admin_drive_files,
$admin_drive_showFile,
$admin_emoji_addAliasesBulk,
@ -1239,7 +1236,6 @@ const $reversi_verify: Provider = { provide: 'ep:reversi/verify', useClass: ep__
$admin_suspendUser,
$admin_unsuspendUser,
$admin_updateMeta,
$admin_deleteAccount,
$admin_updateUserNote,
$admin_roles_create,
$admin_roles_delete,

View file

@ -124,6 +124,13 @@ export class SigninApiService {
});
}
if (user.isDeleted && user.isSuspended) {
logger.error('No such user. (logical deletion)');
return error(404, {
id: '6cc579cc-885d-43d8-95c2-b8c7fc963280',
});
}
if (user.isSuspended) {
logger.error('User is suspended.');
return error(403, {

View file

@ -27,11 +27,11 @@ import * as ep___admin_avatarDecorations_create from './endpoints/admin/avatar-d
import * as ep___admin_avatarDecorations_delete from './endpoints/admin/avatar-decorations/delete.js';
import * as ep___admin_avatarDecorations_list from './endpoints/admin/avatar-decorations/list.js';
import * as ep___admin_avatarDecorations_update from './endpoints/admin/avatar-decorations/update.js';
import * as ep___admin_deleteAllFilesOfAUser from './endpoints/admin/delete-all-files-of-a-user.js';
import * as ep___admin_unsetUserAvatar from './endpoints/admin/unset-user-avatar.js';
import * as ep___admin_unsetUserBanner from './endpoints/admin/unset-user-banner.js';
import * as ep___admin_drive_cleanRemoteFiles from './endpoints/admin/drive/clean-remote-files.js';
import * as ep___admin_drive_cleanup from './endpoints/admin/drive/cleanup.js';
import * as ep___admin_drive_deleteAllFilesOfAUser from './endpoints/admin/drive/delete-all-files-of-a-user.js';
import * as ep___admin_drive_files from './endpoints/admin/drive/files.js';
import * as ep___admin_drive_showFile from './endpoints/admin/drive/show-file.js';
import * as ep___admin_emoji_addAliasesBulk from './endpoints/admin/emoji/add-aliases-bulk.js';
@ -79,7 +79,6 @@ import * as ep___admin_showUsers from './endpoints/admin/show-users.js';
import * as ep___admin_suspendUser from './endpoints/admin/suspend-user.js';
import * as ep___admin_unsuspendUser from './endpoints/admin/unsuspend-user.js';
import * as ep___admin_updateMeta from './endpoints/admin/update-meta.js';
import * as ep___admin_deleteAccount from './endpoints/admin/delete-account.js';
import * as ep___admin_updateUserNote from './endpoints/admin/update-user-note.js';
import * as ep___admin_roles_create from './endpoints/admin/roles/create.js';
import * as ep___admin_roles_delete from './endpoints/admin/roles/delete.js';
@ -411,11 +410,11 @@ const eps = [
['admin/avatar-decorations/delete', ep___admin_avatarDecorations_delete],
['admin/avatar-decorations/list', ep___admin_avatarDecorations_list],
['admin/avatar-decorations/update', ep___admin_avatarDecorations_update],
['admin/delete-all-files-of-a-user', ep___admin_deleteAllFilesOfAUser],
['admin/unset-user-avatar', ep___admin_unsetUserAvatar],
['admin/unset-user-banner', ep___admin_unsetUserBanner],
['admin/drive/clean-remote-files', ep___admin_drive_cleanRemoteFiles],
['admin/drive/cleanup', ep___admin_drive_cleanup],
['admin/drive/delete-all-files-of-a-user', ep___admin_drive_deleteAllFilesOfAUser],
['admin/drive/files', ep___admin_drive_files],
['admin/drive/show-file', ep___admin_drive_showFile],
['admin/emoji/add-aliases-bulk', ep___admin_emoji_addAliasesBulk],
@ -463,7 +462,6 @@ const eps = [
['admin/suspend-user', ep___admin_suspendUser],
['admin/unsuspend-user', ep___admin_unsuspendUser],
['admin/update-meta', ep___admin_updateMeta],
['admin/delete-account', ep___admin_deleteAccount],
['admin/update-user-note', ep___admin_updateUserNote],
['admin/roles/create', ep___admin_roles_create],
['admin/roles/delete', ep___admin_roles_delete],

View file

@ -5,11 +5,11 @@
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { UsersRepository } from '@/models/_.js';
import { QueueService } from '@/core/QueueService.js';
import { UserSuspendService } from '@/core/UserSuspendService.js';
import { DI } from '@/di-symbols.js';
import { UserEntityService } from '@/core/entities/UserEntityService.js';
import type { UsersRepository } from '@/models/_.js';
import { RoleService } from '@/core/RoleService.js';
import { DeleteAccountService } from '@/core/DeleteAccountService.js';
import { ApiError } from '@/server/api/error.js';
export const meta = {
tags: ['admin'],
@ -17,6 +17,20 @@ export const meta = {
requireCredential: true,
requireAdmin: true,
kind: 'write:admin:account',
errors: {
userNotFound: {
message: 'User not found.',
code: 'USER_NOT_FOUND',
id: '6c45276a-525e-46b0-892f-17a5036258bf',
},
cannotDeleteModerator: {
message: 'Cannot delete a moderator.',
code: 'CANNOT_DELETE_MODERATOR',
id: 'd195c621-f21a-4c2f-a634-484c2a616311',
},
},
} as const;
export const paramDef = {
@ -33,37 +47,17 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
@Inject(DI.usersRepository)
private usersRepository: UsersRepository,
private userEntityService: UserEntityService,
private queueService: QueueService,
private userSuspendService: UserSuspendService,
private roleService: RoleService,
private deleteAccountService: DeleteAccountService,
) {
super(meta, paramDef, async (ps, me) => {
const user = await this.usersRepository.findOneBy({ id: ps.userId });
if (user == null) {
throw new Error('user not found');
}
if (user == null) throw new ApiError(meta.errors.userNotFound);
if (await this.roleService.isModerator(user)) throw new ApiError(meta.errors.cannotDeleteModerator);
if (user.isRoot) {
throw new Error('cannot delete a root account');
}
if (this.userEntityService.isLocalUser(user)) {
// 物理削除する前にDelete activityを送信する
await this.userSuspendService.doPostSuspend(user).catch(err => {});
this.queueService.createDeleteAccountJob(user, {
soft: false,
});
} else {
this.queueService.createDeleteAccountJob(user, {
soft: true, // リモートユーザーの削除は、完全にDBから物理削除してしまうと再度連合してきてアカウントが復活する可能性があるため、soft指定する
});
}
await this.usersRepository.update(user.id, {
isDeleted: true,
});
// 管理者からの削除ということはモデレーション行為なので、soft delete にする
await this.deleteAccountService.deleteAccount(user, true, me);
});
}
}

View file

@ -1,46 +0,0 @@
/*
* SPDX-FileCopyrightText: syuilo and misskey-project
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { DriveFilesRepository } from '@/models/_.js';
import { DriveService } from '@/core/DriveService.js';
import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: true,
requireAdmin: true,
kind: 'write:admin:delete-all-files-of-a-user',
} as const;
export const paramDef = {
type: 'object',
properties: {
userId: { type: 'string', format: 'misskey:id' },
},
required: ['userId'],
} as const;
@Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor(
@Inject(DI.driveFilesRepository)
private driveFilesRepository: DriveFilesRepository,
private driveService: DriveService,
) {
super(meta, paramDef, async (ps, me) => {
const files = await this.driveFilesRepository.findBy({
userId: ps.userId,
});
for (const file of files) {
this.driveService.deleteFile(file);
}
});
}
}

View file

@ -4,17 +4,17 @@
*/
import { Inject, Injectable } from '@nestjs/common';
import type { UsersRepository } from '@/models/_.js';
import { Endpoint } from '@/server/api/endpoint-base.js';
import { DeleteAccountService } from '@/core/DeleteAccountService.js';
import { DI } from '@/di-symbols.js';
import type { UsersRepository } from '@/models/_.js';
import { DeleteAccountService } from '@/core/DeleteAccountService.js';
export const meta = {
tags: ['admin'],
requireCredential: true,
requireAdmin: true,
kind: 'write:admin:delete-account',
requireModerator: true,
kind: 'write:admin:drive',
} as const;
export const paramDef = {
@ -33,13 +33,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
private deleteAccountService: DeleteAccountService,
) {
super(meta, paramDef, async (ps) => {
super(meta, paramDef, async (ps, me) => {
const user = await this.usersRepository.findOneByOrFail({ id: ps.userId });
if (user.isDeleted) {
return;
}
await this.deleteAccountService.deleteAccount(user);
await this.deleteAccountService.deleteAllDriveFiles(user, me);
});
}
}

View file

@ -115,6 +115,14 @@ export const meta = {
type: 'boolean',
optional: false, nullable: false,
},
isLimited: {
type: 'boolean',
optional: false, nullable: false,
},
isDeleted: {
type: 'boolean',
optional: false, nullable: false,
},
isSuspended: {
type: 'boolean',
optional: false, nullable: false,
@ -242,6 +250,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
isModerator: isModerator,
isSilenced: isSilenced,
isLimited: isLimited,
isDeleted: user.isDeleted,
isSuspended: user.isSuspended,
isHibernated: user.isHibernated,
lastActiveDate: user.lastActiveDate ? user.lastActiveDate.toISOString() : null,

View file

@ -14,7 +14,6 @@ import { ApiError } from '@/server/api/error.js';
export const meta = {
requireCredential: true,
requireRolePolicy: 'canDeleteContent',
secure: true,
@ -76,7 +75,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
await this.userAuthService.twoFactorAuthenticate(profile, token);
}
await this.deleteAccountService.deleteAccount(me);
await this.deleteAccountService.deleteAccount(me, false, me);
});
}
}

View file

@ -104,7 +104,7 @@ describe('アンテナ', () => {
await api('i/delete-account', { password: 'userDeletedBySelf' }, userDeletedBySelf);
userDeletedByAdmin = await signup({ username: 'userDeletedByAdmin' });
await post(userDeletedByAdmin, { text: 'test' });
await api('admin/delete-account', { userId: userDeletedByAdmin.id }, root);
await api('admin/accounts/delete', { userId: userDeletedByAdmin.id }, root);
userFollowedByAlice = await signup({ username: 'userFollowedByAlice' });
await post(userFollowedByAlice, { text: 'test' });
await api('following/create', { userId: userFollowedByAlice.id }, alice);

View file

@ -246,7 +246,7 @@ describe('ユーザー', () => {
await api('i/delete-account', { password: 'userDeletedBySelf' }, userDeletedBySelf);
userDeletedByAdmin = await signup({ username: 'userDeletedByAdmin' });
await post(userDeletedByAdmin, { text: 'test' });
await api('admin/delete-account', { userId: userDeletedByAdmin.id }, root);
await api('admin/accounts/delete', { userId: userDeletedByAdmin.id }, root);
userFollowingAlice = await signup({ username: 'userFollowingAlice' });
await post(userFollowingAlice, { text: 'test' });
await api('following/create', { userId: alice.id }, userFollowingAlice);

View file

@ -108,6 +108,7 @@ export function userDetailed(id = 'someuserid', username = 'miskist', host = 'mi
isMuted: false,
isSilenced: false,
isLimited: false,
isDeleted: false,
isSuspended: false,
lang: 'en',
location: 'Fediverse',

View file

@ -79,6 +79,7 @@ export const ROLE_POLICIES = [
'canCreateContent',
'canUpdateContent',
'canDeleteContent',
'canPurgeAccount',
'canUpdateAvatar',
'canUpdateBanner',
'mentionLimit',

View file

@ -15,10 +15,12 @@ SPDX-License-Identifier: AGPL-3.0-only
<span class="name"><MkUserName class="name" :user="user"/></span>
<span class="sub"><span class="acct _monospace">@{{ acct(user) }}</span></span>
<span class="state">
<span v-if="suspended" class="suspended">Suspended</span>
<span v-if="limited" class="limited">Limited</span>
<span v-if="silenced" class="silenced">Silenced</span>
<span v-if="admin" class="admin">Admin</span>
<span v-if="moderator" class="moderator">Moderator</span>
<span v-if="silenced" class="silenced">Silenced</span>
<span v-if="limited" class="limited">Limited</span>
<span v-if="suspended" class="suspended">Suspended</span>
<span v-if="deleted" class="deleted">Deleted</span>
</span>
</div>
</div>
@ -32,12 +34,6 @@ SPDX-License-Identifier: AGPL-3.0-only
<template #key>ID</template>
<template #value><span class="_monospace">{{ user.id }}</span></template>
</MkKeyValue>
<!-- 要る
<MkKeyValue v-if="ips.length > 0" :copy="user.id" oneline>
<template #key>IP (recent)</template>
<template #value><span class="_monospace">{{ ips[0].ip }}</span></template>
</MkKeyValue>
-->
<MkKeyValue oneline>
<template #key>{{ i18n.ts.createdAt }}</template>
<template #value><span class="_monospace"><MkTime :time="user.createdAt" :mode="'detail'"/></span></template>
@ -50,48 +46,16 @@ SPDX-License-Identifier: AGPL-3.0-only
<template #key>{{ i18n.ts.email }}</template>
<template #value><span class="_monospace">{{ info.email }}</span></template>
</MkKeyValue>
<MkKeyValue v-if="ips.length > 0" :copy="user.id" oneline>
<template #key>IP (recent)</template>
<template #value><span class="_monospace">{{ ips[0].ip }}</span></template>
</MkKeyValue>
</div>
<MkTextarea v-model="moderationNote" manualSave>
<template #label>{{ i18n.ts.moderationNote }}</template>
</MkTextarea>
<!--
<FormSection>
<template #label>ActivityPub</template>
<div class="_gaps_m">
<div style="display: flex; flex-direction: column; gap: 1em;">
<MkKeyValue v-if="user.host" oneline>
<template #key>{{ i18n.ts.instanceInfo }}</template>
<template #value><MkA :to="`/instance-info/${user.host}`" class="_link">{{ user.host }} <i class="ti ti-chevron-right"></i></MkA></template>
</MkKeyValue>
<MkKeyValue v-else oneline>
<template #key>{{ i18n.ts.instanceInfo }}</template>
<template #value>(Local user)</template>
</MkKeyValue>
<MkKeyValue oneline>
<template #key>{{ i18n.ts.updatedAt }}</template>
<template #value><MkTime v-if="user.lastFetchedAt" mode="detail" :time="user.lastFetchedAt"/><span v-else>N/A</span></template>
</MkKeyValue>
<MkKeyValue v-if="ap" oneline>
<template #key>Type</template>
<template #value><span class="_monospace">{{ ap.type }}</span></template>
</MkKeyValue>
</div>
<MkButton v-if="user.host != null" @click="updateRemoteUser"><i class="ti ti-refresh"></i> {{ i18n.ts.updateRemoteUser }}</MkButton>
<MkFolder>
<template #label>Raw</template>
<MkObjectView v-if="ap" tall :value="ap">
</MkObjectView>
</MkFolder>
</div>
</FormSection>
-->
<FormSection>
<div class="_gaps">
<MkSwitch v-model="suspended" @update:modelValue="toggleSuspend">{{ i18n.ts.suspend }}</MkSwitch>
@ -123,8 +87,8 @@ SPDX-License-Identifier: AGPL-3.0-only
</template>
</MkFolder>
<div>
<MkButton v-if="iAmModerator" inline danger style="margin-right: 8px;" @click="unsetUserAvatar"><i class="ti ti-user-circle"></i> {{ i18n.ts.unsetUserAvatar }}</MkButton>
<div class="_buttons">
<MkButton v-if="iAmModerator" inline danger @click="unsetUserAvatar"><i class="ti ti-user-circle"></i> {{ i18n.ts.unsetUserAvatar }}</MkButton>
<MkButton v-if="iAmModerator" inline danger @click="unsetUserBanner"><i class="ti ti-photo"></i> {{ i18n.ts.unsetUserBanner }}</MkButton>
</div>
<MkButton v-if="$i.isAdmin" inline danger @click="deleteAccount">{{ i18n.ts.deleteAccount }}</MkButton>
@ -172,6 +136,7 @@ SPDX-License-Identifier: AGPL-3.0-only
</div>
<div v-else-if="tab === 'drive'" class="_gaps">
<MkButton v-if="iAmModerator" inline danger @click="deleteAllFiles"><i class="ti ti-trash"></i> {{ i18n.ts.deleteAllFiles }}</MkButton>
<MkFileListForAdmin :pagination="filesPagination" viewMode="grid"/>
</div>
@ -191,6 +156,36 @@ SPDX-License-Identifier: AGPL-3.0-only
</div>
</div>
<div v-else-if="tab === 'activitypub'" class="_gaps_m">
<div style="display: flex; flex-direction: column; gap: 1em;">
<MkKeyValue v-if="user.host" oneline>
<template #key>{{ i18n.ts.instanceInfo }}</template>
<template #value><MkA :to="`/instance-info/${user.host}`" class="_link">{{ user.host }} <i class="ti ti-chevron-right"></i></MkA></template>
</MkKeyValue>
<MkKeyValue v-else oneline>
<template #key>{{ i18n.ts.instanceInfo }}</template>
<template #value>(Local user)</template>
</MkKeyValue>
<MkKeyValue oneline>
<template #key>{{ i18n.ts.updatedAt }}</template>
<template #value><MkTime v-if="user.lastFetchedAt" mode="detail" :time="user.lastFetchedAt"/><span v-else>N/A</span></template>
</MkKeyValue>
<MkKeyValue v-if="ap" oneline>
<template #key>Type</template>
<template #value><span class="_monospace">{{ ap.type }}</span></template>
</MkKeyValue>
</div>
<MkButton v-if="user.host != null" @click="updateRemoteUser"><i class="ti ti-refresh"></i> {{ i18n.ts.updateRemoteUser }}</MkButton>
<MkFolder>
<template #label>Raw</template>
<MkObjectView v-if="ap" tall :value="ap">
</MkObjectView>
</MkFolder>
</div>
<div v-else-if="tab === 'raw'" class="_gaps_m">
<MkObjectView v-if="info && $i.isAdmin" tall :value="info">
</MkObjectView>
@ -243,10 +238,12 @@ const init = ref<ReturnType<typeof createFetcher>>();
const info = ref<any>();
const ips = ref<Misskey.entities.AdminGetUserIpsResponse | null>(null);
const ap = ref<any>(null);
const admin = ref(false);
const moderator = ref(false);
const silenced = ref(false);
const limited = ref(false);
const suspended = ref(false);
const deleted = ref(false);
const moderationNote = ref('');
const filesPagination = {
endpoint: 'admin/drive/files' as const,
@ -277,15 +274,18 @@ function createFetcher() {
user.value = _user;
info.value = _info;
ips.value = _ips;
admin.value = info.value.isAdmin;
moderator.value = info.value.isModerator;
silenced.value = info.value.isSilenced;
limited.value = info.value.isLimited;
suspended.value = info.value.isSuspended;
deleted.value = info.value.isDeleted;
moderationNote.value = info.value.moderationNote;
watch(moderationNote, async () => {
await misskeyApi('admin/update-user-note', { userId: user.value.id, text: moderationNote.value });
await refreshUser();
await misskeyApi('admin/update-user-note', {
userId: user.value.id, text: moderationNote.value
}).then(refreshUser);
});
});
}
@ -295,8 +295,9 @@ function refreshUser() {
}
async function updateRemoteUser() {
await os.apiWithDialog('federation/update-remote-user', { userId: user.value.id });
refreshUser();
await os.apiWithDialog('federation/update-remote-user', {
userId: user.value.id
}).then(refreshUser);
}
async function resetPassword() {
@ -325,8 +326,9 @@ async function toggleSuspend(v) {
if (confirm.canceled) {
suspended.value = !v;
} else {
await misskeyApi(v ? 'admin/suspend-user' : 'admin/unsuspend-user', { userId: user.value.id });
await refreshUser();
await misskeyApi(v ? 'admin/suspend-user' : 'admin/unsuspend-user', {
userId: user.value.id
}).then(refreshUser);
}
}
@ -336,17 +338,10 @@ async function unsetUserAvatar() {
text: i18n.ts.unsetUserAvatarConfirm,
});
if (confirm.canceled) return;
const process = async () => {
await misskeyApi('admin/unset-user-avatar', { userId: user.value.id });
os.success();
};
await process().catch(err => {
os.alert({
type: 'error',
text: err.toString(),
});
});
refreshUser();
await os.apiWithDialog('admin/unset-user-avatar', {
userId: user.value.id
}).then(refreshUser);
}
async function unsetUserBanner() {
@ -355,17 +350,10 @@ async function unsetUserBanner() {
text: i18n.ts.unsetUserBannerConfirm,
});
if (confirm.canceled) return;
const process = async () => {
await misskeyApi('admin/unset-user-banner', { userId: user.value.id });
os.success();
};
await process().catch(err => {
os.alert({
type: 'error',
text: err.toString(),
});
});
refreshUser();
await os.apiWithDialog('admin/unset-user-banner', {
userId: user.value.id
}).then(refreshUser);
}
async function deleteAllFiles() {
@ -374,17 +362,22 @@ async function deleteAllFiles() {
text: i18n.ts.deleteAllFilesConfirm,
});
if (confirm.canceled) return;
const process = async () => {
await misskeyApi('admin/delete-all-files-of-a-user', { userId: user.value.id });
os.success();
};
await process().catch(err => {
const typed = await os.inputText({
text: i18n.tsx.typeToConfirm({ x: user.value?.username }),
});
if (typed.canceled) return;
if (typed.result === user.value?.username) {
await os.apiWithDialog('admin/drive/delete-all-files-of-a-user', {
userId: user.value.id
}).then(refreshUser);
} else {
os.alert({
type: 'error',
text: err.toString(),
text: 'input not match',
});
});
await refreshUser();
}
}
async function deleteAccount() {
@ -400,9 +393,9 @@ async function deleteAccount() {
if (typed.canceled) return;
if (typed.result === user.value?.username) {
await os.apiWithDialog('admin/delete-account', {
await os.apiWithDialog('admin/accounts/delete', {
userId: user.value.id,
});
}).then(refreshUser);
} else {
os.alert({
type: 'error',
@ -444,8 +437,9 @@ async function assignRole() {
: period === 'oneMonth' ? Date.now() + (1000 * 60 * 60 * 24 * 30)
: null;
await os.apiWithDialog('admin/roles/assign', { roleId, userId: user.value.id, expiresAt });
refreshUser();
await os.apiWithDialog('admin/roles/assign', {
roleId, userId: user.value.id, expiresAt
}).then(refreshUser);
}
async function unassignRole(role, ev) {
@ -454,8 +448,9 @@ async function unassignRole(role, ev) {
icon: 'ti ti-x',
danger: true,
action: async () => {
await os.apiWithDialog('admin/roles/unassign', { roleId: role.id, userId: user.value.id });
refreshUser();
await os.apiWithDialog('admin/roles/unassign', {
roleId: role.id, userId: user.value.id
}).then(refreshUser);
},
}], ev.currentTarget ?? ev.target);
}
@ -525,6 +520,10 @@ const headerTabs = computed(() => [{
key: 'chart',
title: i18n.ts.charts,
icon: 'ti ti-chart-line',
}, {
key: 'activitypub',
title: 'ActivityPub',
icon: 'ti ti-share',
}, {
key: 'raw',
title: 'Raw',
@ -581,7 +580,12 @@ definePageMetadata(() => ({
display: none;
}
> .suspended, > .limited, > .silenced, > .moderator {
> .admin,
> .moderator,
> .silenced,
> .limited,
> .suspended,
> .deleted {
display: inline-block;
border: solid 1px;
border-radius: 6px;
@ -589,14 +593,14 @@ definePageMetadata(() => ({
font-size: 85%;
}
> .suspended {
color: var(--error);
border-color: var(--error);
> .admin {
color: var(--success);
border-color: var(--success);
}
> .limited {
color: var(--error);
border-color: var(--error);
> .moderator {
color: var(--success);
border-color: var(--success);
}
> .silenced {
@ -604,9 +608,19 @@ definePageMetadata(() => ({
border-color: var(--warn);
}
> .moderator {
color: var(--success);
border-color: var(--success);
> .limited {
color: var(--error);
border-color: var(--error);
}
> .suspended {
color: var(--error);
border-color: var(--error);
}
> .deleted {
color: var(--error);
border-color: var(--error);
}
}
}

View file

@ -240,6 +240,26 @@ SPDX-License-Identifier: AGPL-3.0-only
</div>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canPurgeAccount, 'canPurgeAccount'])">
<template #label>{{ i18n.ts._role._options.canPurgeAccount }}</template>
<template #suffix>
<span v-if="role.policies.canPurgeAccount.useDefault" :class="$style.useDefaultLabel">{{ i18n.ts._role.useBaseValue }}</span>
<span v-else>{{ role.policies.canPurgeAccount.value ? i18n.ts.yes : i18n.ts.no }}</span>
<span :class="$style.priorityIndicator"><i :class="getPriorityIcon(role.policies.canPurgeAccount)"></i></span>
</template>
<div class="_gaps">
<MkSwitch v-model="role.policies.canPurgeAccount.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts._role.useBaseValue }}</template>
</MkSwitch>
<MkSwitch v-model="role.policies.canPurgeAccount.value" :disabled="role.policies.canPurgeAccount.useDefault" :readonly="readonly">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
<MkRange v-model="role.policies.canPurgeAccount.priority" :min="0" :max="2" :step="1" easing :textConverter="(v) => v === 0 ? i18n.ts._role._priority.low : v === 1 ? i18n.ts._role._priority.middle : v === 2 ? i18n.ts._role._priority.high : ''">
<template #label>{{ i18n.ts._role.priority }}</template>
</MkRange>
</div>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canUpdateAvatar, 'canUpdateAvatar'])">
<template #label>{{ i18n.ts._role._options.canUpdateAvatar }}</template>
<template #suffix>

View file

@ -80,6 +80,14 @@ SPDX-License-Identifier: AGPL-3.0-only
</MkSwitch>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canPurgeAccount, 'canPurgeAccount'])">
<template #label>{{ i18n.ts._role._options.canPurgeAccount }}</template>
<template #suffix>{{ policies.canPurgeAccount ? i18n.ts.yes : i18n.ts.no }}</template>
<MkSwitch v-model="policies.canPurgeAccount">
<template #label>{{ i18n.ts.enable }}</template>
</MkSwitch>
</MkFolder>
<MkFolder v-if="matchQuery([i18n.ts._role._options.canUpdateAvatar, 'canUpdateAvatar'])">
<template #label>{{ i18n.ts._role._options.canUpdateAvatar }}</template>
<template #suffix>{{ policies.canUpdateAvatar ? i18n.ts.yes : i18n.ts.no }}</template>

View file

@ -12,10 +12,11 @@ SPDX-License-Identifier: AGPL-3.0-only
<span :class="$style.userMInfoMetaName"><MkUserName :class="$style.userMInfoMetaName" :user="user"/></span>
<span :class="$style.userMInfoMetaSub"><span class="acct _monospace">@{{ acct(user) }}</span></span>
<span :class="$style.userMInfoMetaState">
<span v-if="suspended" :class="$style.suspended">Suspended</span>
<span v-if="limited" :class="$style.limited">Limited</span>
<span v-if="silenced" :class="$style.silenced">Silenced</span>
<span v-if="moderator" :class="$style.moderator">Moderator</span>
<span v-if="silenced" :class="$style.silenced">Silenced</span>
<span v-if="limited" :class="$style.limited">Limited</span>
<span v-if="suspended" :class="$style.suspended">Suspended</span>
<span v-if="deleted" :class="$style.deleted">Deleted</span>
</span>
</div>
</div>
@ -56,6 +57,7 @@ const moderator = computed(() => props.user.isModerator ?? false);
const silenced = computed(() => props.user.isSilenced ?? false);
const limited = computed(() => props.user.isLimited ?? false);
const suspended = computed(() => props.user.isSuspended ?? false);
const deleted = computed(() => props.user.isDeleted ?? false);
</script>
<style lang="scss" module>
@ -104,10 +106,11 @@ const suspended = computed(() => props.user.isSuspended ?? false);
display: none;
}
> .suspended,
> .limited,
> .moderator,
> .silenced,
> .moderator {
> .limited,
> .suspended,
> .deleted {
display: inline-block;
border: solid 1px;
border-radius: 6px;
@ -115,14 +118,9 @@ const suspended = computed(() => props.user.isSuspended ?? false);
font-size: 85%;
}
> .suspended {
color: var(--error);
border-color: var(--error);
}
> .limited {
color: var(--error);
border-color: var(--error);
> .moderator {
color: var(--success);
border-color: var(--success);
}
> .silenced {
@ -130,9 +128,19 @@ const suspended = computed(() => props.user.isSuspended ?? false);
border-color: var(--warn);
}
> .moderator {
color: var(--success);
border-color: var(--success);
> .limited {
color: var(--error);
border-color: var(--error);
}
> .suspended {
color: var(--error);
border-color: var(--error);
}
> .deleted {
color: var(--error);
border-color: var(--error);
}
}
</style>

View file

@ -122,10 +122,7 @@ type AdminAvatarDecorationsListResponse = operations['admin/avatar-decorations/l
type AdminAvatarDecorationsUpdateRequest = operations['admin/avatar-decorations/update']['requestBody']['content']['application/json'];
// @public (undocumented)
type AdminDeleteAccountRequest = operations['admin/delete-account']['requestBody']['content']['application/json'];
// @public (undocumented)
type AdminDeleteAllFilesOfAUserRequest = operations['admin/delete-all-files-of-a-user']['requestBody']['content']['application/json'];
type AdminDriveDeleteAllFilesOfAUserRequest = operations['admin/drive/delete-all-files-of-a-user']['requestBody']['content']['application/json'];
// @public (undocumented)
type AdminDriveFilesRequest = operations['admin/drive/files']['requestBody']['content']['application/json'];
@ -1215,9 +1212,9 @@ declare namespace entities {
AdminAvatarDecorationsListRequest,
AdminAvatarDecorationsListResponse,
AdminAvatarDecorationsUpdateRequest,
AdminDeleteAllFilesOfAUserRequest,
AdminUnsetUserAvatarRequest,
AdminUnsetUserBannerRequest,
AdminDriveDeleteAllFilesOfAUserRequest,
AdminDriveFilesRequest,
AdminDriveFilesResponse,
AdminDriveShowFileRequest,
@ -1280,7 +1277,6 @@ declare namespace entities {
AdminSuspendUserRequest,
AdminUnsuspendUserRequest,
AdminUpdateMetaRequest,
AdminDeleteAccountRequest,
AdminUpdateUserNoteRequest,
AdminRolesCreateRequest,
AdminRolesCreateResponse,
@ -2733,7 +2729,7 @@ type PagesUpdateRequest = operations['pages/update']['requestBody']['content']['
function parse(acct: string): Acct;
// @public (undocumented)
export const permissions: readonly ["read:account", "write:account", "read:blocks", "write:blocks", "read:drive", "write:drive", "read:favorites", "write:favorites", "read:following", "write:following", "read:messaging", "write:messaging", "read:mutes", "write:mutes", "write:notes", "read:notifications", "write:notifications", "read:reactions", "write:reactions", "write:votes", "read:pages", "write:pages", "write:page-likes", "read:page-likes", "read:user-groups", "write:user-groups", "read:channels", "write:channels", "read:gallery", "write:gallery", "read:gallery-likes", "write:gallery-likes", "read:flash", "write:flash", "read:flash-likes", "write:flash-likes", "read:admin:abuse-user-reports", "read:admin:abuse-report-resolvers", "write:admin:abuse-report-resolvers", "write:admin:delete-account", "write:admin:delete-all-files-of-a-user", "read:admin:index-stats", "read:admin:table-stats", "read:admin:user-ips", "read:admin:meta", "write:admin:reset-password", "write:admin:resolve-abuse-user-report", "write:admin:send-email", "read:admin:server-info", "read:admin:show-moderation-log", "read:admin:show-user", "read:admin:show-users", "write:admin:suspend-user", "write:admin:unset-user-avatar", "write:admin:unset-user-banner", "write:admin:unsuspend-user", "write:admin:meta", "write:admin:user-note", "write:admin:roles", "read:admin:roles", "write:admin:relays", "read:admin:relays", "write:admin:invite-codes", "read:admin:invite-codes", "write:admin:announcements", "read:admin:announcements", "write:admin:avatar-decorations", "read:admin:avatar-decorations", "write:admin:federation", "write:admin:indie-auth", "read:admin:indie-auth", "write:admin:account", "read:admin:account", "write:admin:emoji", "read:admin:emoji", "write:admin:queue", "read:admin:queue", "write:admin:promo", "write:admin:drive", "read:admin:drive", "write:admin:sso", "read:admin:sso", "write:admin:ad", "read:admin:ad", "write:invite-codes", "read:invite-codes", "write:clip-favorite", "read:clip-favorite", "read:federation", "write:report-abuse"];
export const permissions: readonly ["read:account", "write:account", "read:blocks", "write:blocks", "read:drive", "write:drive", "read:favorites", "write:favorites", "read:following", "write:following", "read:messaging", "write:messaging", "read:mutes", "write:mutes", "write:notes", "read:notifications", "write:notifications", "read:reactions", "write:reactions", "write:votes", "read:pages", "write:pages", "write:page-likes", "read:page-likes", "read:user-groups", "write:user-groups", "read:channels", "write:channels", "read:gallery", "write:gallery", "read:gallery-likes", "write:gallery-likes", "read:flash", "write:flash", "read:flash-likes", "write:flash-likes", "read:admin:abuse-user-reports", "read:admin:abuse-report-resolvers", "write:admin:abuse-report-resolvers", "read:admin:index-stats", "read:admin:table-stats", "read:admin:user-ips", "read:admin:meta", "write:admin:reset-password", "write:admin:resolve-abuse-user-report", "write:admin:send-email", "read:admin:server-info", "read:admin:show-moderation-log", "read:admin:show-user", "read:admin:show-users", "write:admin:suspend-user", "write:admin:unset-user-avatar", "write:admin:unset-user-banner", "write:admin:unsuspend-user", "write:admin:meta", "write:admin:user-note", "write:admin:roles", "read:admin:roles", "write:admin:relays", "read:admin:relays", "write:admin:invite-codes", "read:admin:invite-codes", "write:admin:announcements", "read:admin:announcements", "write:admin:avatar-decorations", "read:admin:avatar-decorations", "write:admin:federation", "write:admin:indie-auth", "read:admin:indie-auth", "write:admin:account", "read:admin:account", "write:admin:emoji", "read:admin:emoji", "write:admin:queue", "read:admin:queue", "write:admin:promo", "write:admin:drive", "read:admin:drive", "write:admin:sso", "read:admin:sso", "write:admin:ad", "read:admin:ad", "write:invite-codes", "read:invite-codes", "write:clip-favorite", "read:clip-favorite", "read:federation", "write:report-abuse"];
// @public (undocumented)
type PingResponse = operations['ping']['responses']['200']['content']['application/json'];

View file

@ -234,17 +234,6 @@ declare module '../api.js' {
credential?: string | null,
): Promise<SwitchCaseResponseType<E, P>>;
/**
* No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user*
*/
request<E extends 'admin/delete-all-files-of-a-user', P extends Endpoints[E]['req']>(
endpoint: E,
params: P,
credential?: string | null,
): Promise<SwitchCaseResponseType<E, P>>;
/**
* No description provided.
*
@ -289,6 +278,17 @@ declare module '../api.js' {
credential?: string | null,
): Promise<SwitchCaseResponseType<E, P>>;
/**
* No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:drive*
*/
request<E extends 'admin/drive/delete-all-files-of-a-user', P extends Endpoints[E]['req']>(
endpoint: E,
params: P,
credential?: string | null,
): Promise<SwitchCaseResponseType<E, P>>;
/**
* No description provided.
*
@ -807,17 +807,6 @@ declare module '../api.js' {
credential?: string | null,
): Promise<SwitchCaseResponseType<E, P>>;
/**
* No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:delete-account*
*/
request<E extends 'admin/delete-account', P extends Endpoints[E]['req']>(
endpoint: E,
params: P,
credential?: string | null,
): Promise<SwitchCaseResponseType<E, P>>;
/**
* No description provided.
*

View file

@ -32,9 +32,9 @@ import type {
AdminAvatarDecorationsListRequest,
AdminAvatarDecorationsListResponse,
AdminAvatarDecorationsUpdateRequest,
AdminDeleteAllFilesOfAUserRequest,
AdminUnsetUserAvatarRequest,
AdminUnsetUserBannerRequest,
AdminDriveDeleteAllFilesOfAUserRequest,
AdminDriveFilesRequest,
AdminDriveFilesResponse,
AdminDriveShowFileRequest,
@ -97,7 +97,6 @@ import type {
AdminSuspendUserRequest,
AdminUnsuspendUserRequest,
AdminUpdateMetaRequest,
AdminDeleteAccountRequest,
AdminUpdateUserNoteRequest,
AdminRolesCreateRequest,
AdminRolesCreateResponse,
@ -596,11 +595,11 @@ export type Endpoints = {
'admin/avatar-decorations/delete': { req: AdminAvatarDecorationsDeleteRequest; res: EmptyResponse };
'admin/avatar-decorations/list': { req: AdminAvatarDecorationsListRequest; res: AdminAvatarDecorationsListResponse };
'admin/avatar-decorations/update': { req: AdminAvatarDecorationsUpdateRequest; res: EmptyResponse };
'admin/delete-all-files-of-a-user': { req: AdminDeleteAllFilesOfAUserRequest; res: EmptyResponse };
'admin/unset-user-avatar': { req: AdminUnsetUserAvatarRequest; res: EmptyResponse };
'admin/unset-user-banner': { req: AdminUnsetUserBannerRequest; res: EmptyResponse };
'admin/drive/clean-remote-files': { req: EmptyRequest; res: EmptyResponse };
'admin/drive/cleanup': { req: EmptyRequest; res: EmptyResponse };
'admin/drive/delete-all-files-of-a-user': { req: AdminDriveDeleteAllFilesOfAUserRequest; res: EmptyResponse };
'admin/drive/files': { req: AdminDriveFilesRequest; res: AdminDriveFilesResponse };
'admin/drive/show-file': { req: AdminDriveShowFileRequest; res: AdminDriveShowFileResponse };
'admin/emoji/add-aliases-bulk': { req: AdminEmojiAddAliasesBulkRequest; res: EmptyResponse };
@ -648,7 +647,6 @@ export type Endpoints = {
'admin/suspend-user': { req: AdminSuspendUserRequest; res: EmptyResponse };
'admin/unsuspend-user': { req: AdminUnsuspendUserRequest; res: EmptyResponse };
'admin/update-meta': { req: AdminUpdateMetaRequest; res: EmptyResponse };
'admin/delete-account': { req: AdminDeleteAccountRequest; res: EmptyResponse };
'admin/update-user-note': { req: AdminUpdateUserNoteRequest; res: EmptyResponse };
'admin/roles/create': { req: AdminRolesCreateRequest; res: AdminRolesCreateResponse };
'admin/roles/delete': { req: AdminRolesDeleteRequest; res: EmptyResponse };

View file

@ -34,9 +34,9 @@ export type AdminAvatarDecorationsDeleteRequest = operations['admin/avatar-decor
export type AdminAvatarDecorationsListRequest = operations['admin/avatar-decorations/list']['requestBody']['content']['application/json'];
export type AdminAvatarDecorationsListResponse = operations['admin/avatar-decorations/list']['responses']['200']['content']['application/json'];
export type AdminAvatarDecorationsUpdateRequest = operations['admin/avatar-decorations/update']['requestBody']['content']['application/json'];
export type AdminDeleteAllFilesOfAUserRequest = operations['admin/delete-all-files-of-a-user']['requestBody']['content']['application/json'];
export type AdminUnsetUserAvatarRequest = operations['admin/unset-user-avatar']['requestBody']['content']['application/json'];
export type AdminUnsetUserBannerRequest = operations['admin/unset-user-banner']['requestBody']['content']['application/json'];
export type AdminDriveDeleteAllFilesOfAUserRequest = operations['admin/drive/delete-all-files-of-a-user']['requestBody']['content']['application/json'];
export type AdminDriveFilesRequest = operations['admin/drive/files']['requestBody']['content']['application/json'];
export type AdminDriveFilesResponse = operations['admin/drive/files']['responses']['200']['content']['application/json'];
export type AdminDriveShowFileRequest = operations['admin/drive/show-file']['requestBody']['content']['application/json'];
@ -99,7 +99,6 @@ export type AdminShowUsersResponse = operations['admin/show-users']['responses']
export type AdminSuspendUserRequest = operations['admin/suspend-user']['requestBody']['content']['application/json'];
export type AdminUnsuspendUserRequest = operations['admin/unsuspend-user']['requestBody']['content']['application/json'];
export type AdminUpdateMetaRequest = operations['admin/update-meta']['requestBody']['content']['application/json'];
export type AdminDeleteAccountRequest = operations['admin/delete-account']['requestBody']['content']['application/json'];
export type AdminUpdateUserNoteRequest = operations['admin/update-user-note']['requestBody']['content']['application/json'];
export type AdminRolesCreateRequest = operations['admin/roles/create']['requestBody']['content']['application/json'];
export type AdminRolesCreateResponse = operations['admin/roles/create']['responses']['200']['content']['application/json'];

View file

@ -201,15 +201,6 @@ export type paths = {
*/
post: operations['admin/avatar-decorations/update'];
};
'/admin/delete-all-files-of-a-user': {
/**
* admin/delete-all-files-of-a-user
* @description No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user*
*/
post: operations['admin/delete-all-files-of-a-user'];
};
'/admin/unset-user-avatar': {
/**
* admin/unset-user-avatar
@ -246,6 +237,15 @@ export type paths = {
*/
post: operations['admin/drive/cleanup'];
};
'/admin/drive/delete-all-files-of-a-user': {
/**
* admin/drive/delete-all-files-of-a-user
* @description No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:drive*
*/
post: operations['admin/drive/delete-all-files-of-a-user'];
};
'/admin/drive/files': {
/**
* admin/drive/files
@ -670,15 +670,6 @@ export type paths = {
*/
post: operations['admin/update-meta'];
};
'/admin/delete-account': {
/**
* admin/delete-account
* @description No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:delete-account*
*/
post: operations['admin/delete-account'];
};
'/admin/update-user-note': {
/**
* admin/update-user-note
@ -4844,6 +4835,7 @@ export type components = {
canCreateContent: boolean;
canUpdateContent: boolean;
canDeleteContent: boolean;
canPurgeAccount: boolean;
canUpdateAvatar: boolean;
canUpdateBanner: boolean;
mentionLimit: number;
@ -6512,58 +6504,6 @@ export type operations = {
};
};
};
/**
* admin/delete-all-files-of-a-user
* @description No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user*
*/
'admin/delete-all-files-of-a-user': {
requestBody: {
content: {
'application/json': {
/** Format: misskey:id */
userId: string;
};
};
};
responses: {
/** @description OK (without any results) */
204: {
content: never;
};
/** @description Client error */
400: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Authentication error */
401: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Forbidden error */
403: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description I'm Ai */
418: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Internal server error */
500: {
content: {
'application/json': components['schemas']['Error'];
};
};
};
};
/**
* admin/unset-user-avatar
* @description No description provided.
@ -6756,6 +6696,58 @@ export type operations = {
};
};
};
/**
* admin/drive/delete-all-files-of-a-user
* @description No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:drive*
*/
'admin/drive/delete-all-files-of-a-user': {
requestBody: {
content: {
'application/json': {
/** Format: misskey:id */
userId: string;
};
};
};
responses: {
/** @description OK (without any results) */
204: {
content: never;
};
/** @description Client error */
400: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Authentication error */
401: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Forbidden error */
403: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description I'm Ai */
418: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Internal server error */
500: {
content: {
'application/json': components['schemas']['Error'];
};
};
};
};
/**
* admin/drive/files
* @description No description provided.
@ -9321,6 +9313,8 @@ export type operations = {
};
isModerator: boolean;
isSilenced: boolean;
isLimited: boolean;
isDeleted: boolean;
isSuspended: boolean;
isHibernated: boolean;
lastActiveDate: string | null;
@ -9703,58 +9697,6 @@ export type operations = {
};
};
};
/**
* admin/delete-account
* @description No description provided.
*
* **Credential required**: *Yes* / **Permission**: *write:admin:delete-account*
*/
'admin/delete-account': {
requestBody: {
content: {
'application/json': {
/** Format: misskey:id */
userId: string;
};
};
};
responses: {
/** @description OK (without any results) */
204: {
content: never;
};
/** @description Client error */
400: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Authentication error */
401: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Forbidden error */
403: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description I'm Ai */
418: {
content: {
'application/json': components['schemas']['Error'];
};
};
/** @description Internal server error */
500: {
content: {
'application/json': components['schemas']['Error'];
};
};
};
};
/**
* admin/update-user-note
* @description No description provided.

View file

@ -48,8 +48,6 @@ export const permissions = [
'read:admin:abuse-user-reports',
'read:admin:abuse-report-resolvers',
'write:admin:abuse-report-resolvers',
'write:admin:delete-account',
'write:admin:delete-all-files-of-a-user',
'read:admin:index-stats',
'read:admin:table-stats',
'read:admin:user-ips',